Last Updated: Dec 17, 2024
Overview
This article addresses the scenario in which it is desired for the user to log in with Identifier + WebAuthN or Identifier + Password + MFA (that does not involve WebAuthN since they have already been offered that at that point).
The problem is that disabling WebAuthN as an MFA factor also disables the Identifier First + Biometrics functionality that should be kept.
Below are the details of how to work around this.
Applies To
- Multifactor Authentication (MFA)
Solution
This is by design at the moment. If a user declines the biometrics login prompt and opts to login with their password, Auth0 prompts them for biometrics MFA even after they have just indicated they do not want to use it for login.
If this functionality should be more configurable in a future release of Auth0, submit a feature request using this form. This is a direct line to the Product team and the best way to communicate particular needs.